Preparing the BSCI exam
As I’m free (no job yet), I’m preparing myself for the Cisco BSCI exam for the CCNP… Say me good luck 
One of my (may be) future colleague said me that it’s more interesting to have a Juniper certification… what’s your opinion ? mine : if I had enough time I will pass the two
Add comment 27 octobre 2009
Feedback on Cisco’s REP
Me again,
I wanted to have your feedback about Cisco’s REP (Resilient Ethernet Protocol) :
- where do you use it
- equipments needed
- reliability
- efficiency
Thanks in advance
Add comment 27 octobre 2009
Small screenshot tools under Linux
Hi all,
I don’t like to have heavy software under my notebook. To accomplish some screenshots you don’t need ksnapshot or something like that.
Just install scrot and qiv
Scrot is a cmd line tool to make screenshots and Qiv a really small and quick tool to view images.
To use Scrot :
$ scrot -s -d 3 test.png
-s to select the windows or rectangle to save
-d for the delay to wait before taking the snapshot
and then view the image :
$ qiv test.png
Add comment 27 octobre 2009
ip virtual-reassembly exceeded issue
Hi all,
Days ago I was facing an issue concerning a VRRP cluster (using keepalived). Every hour, the backup server was changing its VRRP state to master and two second later (after forced re-election) goes back to the backup state.
The same number of NICs are connected to every server, each NIC is configured in a vrrp_instance. But only one vrrp_instance on the backup server changed its state to master, the others did the same cause they belong to the same vrrp_sync_group.
The NIC changing its state is connected to a Cisco VPN router.
After many days of investigation (looking at if the server is receiving VRRP packets, if there were errors on the packets… if there were dropped packets…) I discovered in the log of the VPN router some messages which warn that virtual-reassembly parameter was exceeded… Heu ???
After searching, I increased this parameter on each interface of the Cisco VPN router :
ip virtual-reassembly max-reassemblies 32
This solves the problem, but until now I don’t know what was the real problem, sniffing didn’t give me too much information to analyse…
Add comment 7 septembre 2009
Cisco SDM doesn’t start cause of Java error
Hi falks,
Today I tried to use for the first time the Cisco SDM. Unfortunatly, when the Cisco SDM Express launched, I got nothing. Bad news…
I looked at the Java JRE console and I found an IndexOutOfRange error !
In my workstation I had the Java 1.6.0_13 installed, after googling, I found this post where gays suggest to downgrade or upgrade Java JRE to resolve the problem.
I upgraded the JRE to 1.6.0_15 and now the SDM is working…
Add comment 7 août 2009
Gateway High Availability
Hi,
In this article I will explain the different techniques used for gateway high availability.
So first let’s explain what is a HA gateway ?
A high available gateway is a first-hope router (layer 3) that is available 100% (or almost) of time. This can be achieved using many strategies.
The most used, well known and reliable strategy is the first-hop redundancy where two or more routers act as a unique virtual gateway.
This strategy is divided into two techniques : Failover and Loadbalancing.
The failover technique defines a router as the master of the group and the others routers as the backups. When the master router goes down a backup router (depending on his priority) becomes the master.
The loadbalancing technique uses all the routers (all of them are masters). Every router is used, for example, in round robin manner.
The HSRP protocol (proprietary and no more supported by Cisco) and the VRRP protocol (Virtual Router Redundancy Protocol) are two protocols used for failover redundancy.
GLPB (Gateway Load Balancing Protocol) is a Cisco proprietary protocol that can be used for load balancing traffic between many gateways.
Here is a very nice cheat sheet from stretch
2 comments 23 juillet 2009
I’m CCDA certified
Hi all,
I was a little bit buzy to prepare my Cisco CCDA (640-863) exam… but the important thing is that I passed it !
Now, I’m going to prepare the CCNA…
2 comments 22 juillet 2009
Connect to a router’s inside interface
Hi folks,
Two months ago we implemented a DRP network in a branch office. The connection between the main office and the branch one is done with a site-to-site IPSec VPN.
Here is the global schema :
VPN
Everything was ok until I tried to connect to the F0/0 IP of the remote VPN router (VPN-2). Thus, I was unable to get connected.
I checked ACLs, routes, … everything is ok.
Being connected on the VPN-2 (indirectly connected), I tried to telnet back to the 192.168.1.1 machine, then I got a Host unreachable error.
Strange, routes are ok (a default route exists throughout the ISP router)… The error suggests there is no route to the host, so I added an explicit route on VPN-2 indicating the ISP router as the gateway to connect to the 192.168.1.0/24 network.
ip route 192.168.1.0 255.255.255.0 A.B.C.D
As expected, this solved the problem.
After this, I thought why the default route wasn’t been used ?
My suggestion :
192.168.1.0/24 is a RFC1918 network and may be the IOS default route doesn’t hundle these networks.
Your comments are welcome.
Add comment 27 juin 2009
ESX 3.0.2 VM cloning
Hi,
To clone a VM under ESX 3.0.2 you can use VMware Converter, here is a solution I use (if I want to clone a VM on the same ESX) :
Connect to the ESX with ssh and use these command-line :
cd /vmfs/volumes/storageX
mkdir newVM
vmkfstools -i oldVM/oldVM.vmdk newVM/newVM.vmdk
sed 's/oldVM/newVM/g' oldVM/oldVM.vmx > newVM/newVM.vmx
vmware-cmd -s register /vmfs/volumes/storageX/newVM/newVM.vmx
chmod 755 newVM/newVM.vmx
Then go to the GUI (VIC) and start the machine, you will be asked a question about the UUID answer Create (to create a new one for the new VM).
I tested these command without any problem, but it’s given without any garantee as your environment may be different.
Add comment 7 mai 2009
